package com.kgc.web;

import com.kgc.dao.UserDao;
import com.kgc.entity.User;
import com.kgc.untils.CodecUtils;
import com.kgc.untils.SendSMSUtils;
import com.kgc.vo.R;

import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
import java.io.PrintWriter;

@WebServlet(name = "UserLoginServlet", value = "/UserLoginServlet")

public class UserLoginServlet extends HttpServlet {
    private static final String KEY_PHONE = "sms:phone:"; // Session,key前缀

    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        UserDao userDao = new UserDao();
        HttpSession session = request.getSession();
        PrintWriter writer = response.getWriter();
        String opt = request.getParameter("opt");
        if ("captcha".equals(opt)) {  //captcha验证码
            String captcha = request.getParameter("captcha");
            String code = (String) request.getSession().getAttribute("code");
            if (captcha.equalsIgnoreCase(code)) {
                writer.write("ok");
            } else {
                writer.write("error");
            }
        } else if ("phone".equals(opt)) {
            String phone = request.getParameter("phone");
            response.getWriter().write(SendSMSUtils.sendSms(phone, session).toJSON());
        } else if ("login".equals(opt)) {   //登录
            String captcha = request.getParameter("captcha");
            String code = (String) request.getSession().getAttribute("code");
            if (captcha.equalsIgnoreCase(code)) {
                String phone = request.getParameter("phone");
                String password = request.getParameter("password");  //明文
                User user = userDao.Login(phone);//通过手机号查询用户
                if (user != null) {
                    if (user.getStatus() == 0) {
                        // 用户不存在
                        writer.write(R.error("登录失败,账户已被禁用!").toJSON());
                    } else {
                        boolean match = CodecUtils.match(user.getPassword(), password, user.getSalt());
                        if (match) {
                            session.setAttribute("user", user);
                            writer.write(R.success("登录成功!").toJSON());
                        } else {
                            writer.write(R.error("登录失败!用户密码输入有误").toJSON());
                        }
                    }
                } else {
                    writer.write(R.error("登录失败!用户名不存在").toJSON());
                }
            } else {
                writer.write(R.error("登录失败!验证码有误").toJSON());
            }
        } else if ("FindPwd".equals(opt)) {
            String code = request.getParameter("code");
            String phone = request.getParameter("Findphone");
            String codeSession = (String) session.getAttribute("code");
            User user = userDao.Login(phone);
            if (user != null) {
                if (!codeSession.equals(code)) {
                    writer.write(R.error("验证码不正确!").toJSON());
                } else {
                    session.setAttribute("user", user);
                    writer.write(R.success("验证成功!").toJSON());
                }
            }else{
                writer.write(R.error("手机号未注册,请先注册!").toJSON());
            }
        }else if("resetting".equals(opt)){
            String new_password = request.getParameter("new_password");
            String again_password = request.getParameter("again_password");
            User user =(User) session.getAttribute("user");
            if(!new_password.equals(again_password)){
                writer.write(R.error("两次密码输入不一致").toJSON());
            }else{
                String salt = user.getSalt();
                String pwd = CodecUtils.md5Hex(again_password, salt);
                int i = userDao.updatePwd(pwd, user.getId());
                if (i > 0) {
                    writer.write(R.success("密码重置成功!").toJSON());
                } else {
                    writer.write(R.success("密码重置失败!").toJSON());
                }
            }
        } else if ("exit".equals(opt)) { //关闭
            session.invalidate();
            response.sendRedirect("/page/user/userLogin.jsp");
        } else if ("add".equals(opt)) {
            // 验证手机验证码
            String code = request.getParameter("code");
            String phone = request.getParameter("phone");
            String codeSession = (String) session.getAttribute("code");
            if (!codeSession.equals(code)) {
                writer.write(R.error("验证码不正确!").toJSON());
            } else {
                String username = request.getParameter("username");
                String password = request.getParameter("password");//明文
                String email = request.getParameter("email");
                String sex = request.getParameter("sex");
                User user = userDao.Login(phone);//通过手机号查询用户
                if (user != null) {
                    writer.write(R.error("注册失败,手机号已存在!").toJSON());
                } else {
                    String salt = CodecUtils.generateSalt();  // 生成随机盐
                    String newPsaaword = CodecUtils.md5Hex(password, salt); //密文
                    int i = userDao.addUser(new User(username, newPsaaword, phone, email, Integer.parseInt(sex), 1, salt));
                    if (i > 0) {
                        // 解除60验证
                        String key = KEY_PHONE + phone;
                        session.removeAttribute(key);
                        writer.write(R.success("注册成功!").toJSON());
                    } else {
                        writer.write(R.error("注册失败!").toJSON());
                    }
                }

            }
        }
    }

    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        this.doGet(request, response);
    }
}
